Amendments to the Claims 

This listing of claims will replace all prior version, and listings, of claims in the 
application: 

Listing of Claims 

1 . (Currently amended) A network security system for p e rmitting a trusted proc e ss 
controlling inbound traffic by using a firewall, the firewall protecting a corresponding 
network connection of a computer to a network by setting restrictions on information 
communicated between networks, comprising: 

a port monitoring unit [[for]] extracting information about a server^ port being us e d by 
wherein the server port is designated as a port of a network communication program; 

an internal permitted program storage [[for]] storing a list of programs permitted to 
hav e s e rv e r ports r e gist e red by the firewall, wherein the internal permitted program storage 
adds a program to the list by extracting information about the program for which 
communication is to be permitted by the firewall and regist e ring th e extracted information in 
th e list ; and 

a firewall flexible device [[for]] determining whether the network communication 
program is registered in the list of programs stored in the internal permitted program storage; 
[[and]] 

an int e rnal permitt e d port storag e r e gist e ring wherein the firewall flexible device 
automatically stores t he extracted information about the server port in an internal permitted 
port storage if th e fir e wall fl e xibl e devic e d e termines that the network communication 
program is registered in the list of programs stored in the internal permitted program storage; 
and 

wherein the firewall flexible device further determines whether a [[destination]] port 
of a packet of inbound traffic has b ee n r e gistered in the internal p e rmitt e d port storag e 
matches with the server port and blocks the packet of inbound traffic if the [[destination]] port 
has not b e en r e gister e d does not match with the server port . 

2. (Currently amended) The network security system as set forth in claim 1, wherein 
the information about the program , which is e xtract e d and r e gist e r e d in the internal permitt e d 
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program storag e , includes information about at least one of a program name, an entire path of 
the program, and a program hash value. 



3. (Currently amended) The network security system as set forth in claim 1, wherein 
the information about the server port , which is regist e r e d in th e int e rnal p e rmitt e d port 
storag e , includes information about at least one of an entire path of the program, a protocol, 
and a port. 

4. (Currently amended) A network security method of p e rmitting a trust e d proc e ss 
controlling inbound traffic by using a firewall, the firewall protecting a corresponding 
network connection of a computer to a network by setting restrictions on information 
communicated between networks, comprising: 

storing in an internal permitted program storage a list of programs permitted to hav e 
serv e r ports r e gist e r e d by the firewall; 

extracting information about a server port^ b e ing us e d bv wherein the server port is 
designated as a port of a network communication program; 

determining whether the network communication program is registered in the list of 
programs stored in the internal permitted program storage; 

r e gist e rin g automatically storing t he extracted information about the extract e d server 
port in an internal permitted port storage if the network communication program is 
det e rmin e d to b e registered in the list of programs stored in the internal permitted program 
storage; 

determining whether a port of a packet of inbound traffic has b ee n register e d in the 
int e rnal p e rmitted port storag e matches with the server port ; and 

blocking the packet of inbound traffic if the port has not been r e gist e r e d does not 
match with the server port . 

5 - 7. (Canceled) 



8. (Previously presented) The network security method as set forth in claim 4, wherein 
the information about the program includes information about at least one of a program name, 
an entire path of the program, and a program hash value. 

9. (Currently amended)' The network security method as set forth in claim 4, wherein 
the information aboute f the server port includes information about at least one of an entire 
path of the program, a protocol, and a port. 

10. (Currently amended) A computer recordable device for performing a network 
security method controlling inbound traffic by using a firewall, the device storing a program 
for executing the method, the method comprising: 

storing in an internal permitted program storage a list of programs permitted to hav e 
s e rv e r ports r e gist e r e d by the firewall; 

extracting information about a server port, b e ing used bv wherein the server port is 
designated as a port of a network communication program; 

determining whether the network communication program is registered in the list of 
programs stored in the internal permitted program storage; 

r e gisterin g automatically storing t he extracted information about the extract e d server 
port in an internal permitted port storage if the network communication program is 
determin e d to b e registered in the list of programs stored in the internal permitted program 
storage; 

determining whether a [[destination]] port of a packet of inbound traffic has be e n 
regist e red in the int e rnal p e rmitt e d port storag e matches with the server port ; and 

blocking the packet of inbound traffic if the [[destination]] port has not b ee n 
regist e r e d does not match with the server port . 

11. (Currently amended) The network security system as set forth in claim 1, wherein 
the firewall flexible device allows the packet of inbound traffic to bypass the firewall if the 
port has b ee n r e gist e r e d matches with the server port . 
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12. (Currently amended) The network security method as set forth in claim 4, further 
comprising: 

allowing the packet of inbound traffic to bypass the firewall if the port has b ee n 
r e gist e r e d matches with the server port . 

13. (Currently amended) The network security system as set forth in claim 1, wherein 
the int e rnal p e rmitt e d port storag e r e gist e rs firewall flexible device stores the extracted 
information about the server port if the server port is determined to be opened. 

14. (Previously presented) The network security system as set forth in claim 1, 
wherein the extracted information about the server port is deleted from the internal permitted 
port storage if the server port is determined to be closed. 

15. (Currently amended) The network security method as set forth in claim 4, further 
including: 

r e gist e ring storing the extracted information about the sever port in the internal 
permitted port storage if the server port is determined to be opened. 

16. (Previously presented) The network security method as set forth in claim 4, further 
including: 

deleting the extracted information about the sever port from the internal permitted port 
storage if the server port is determined to be closed. 

17. (Currently amended) The computer recordable device as set forth in claim 10, 
wherein the method further including: 

r e gist e rin g storing the extracted information about the sever port in the internal 
permitted port storage if the server port is determined to be opened. 

18. (Previously presented) The computer recordable device as set forth in claim 10, 
wherein the method further including: 
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deleting the extracted information about the sever port from the internal permitted port 
storage if the server port is determined to be closed. 

19. (New) A network security system controlling inbound traffic by using a firewall, 
the firewall protecting a corresponding network connection of a computer to a network by 
setting restrictions on information communicated between networks, comprising: 

a port monitoring unit extracting information about a server port, wherein the server 
port is designated as a port of a network communication program; 

an internal permitted program storage storing a list of programs permitted by the 
firewall, wherein the internal permitted program storage adds a program to the list by 
extracting information about the program for which communication is to be permitted by the 
firewall; and 

a firewall flexible device determining whether the server port is opened or closed and 
whether the network communication program is registered in the list of programs stored in the 
internal permitted program storage; 

wherein the firewall flexible device automatically stores the extracted information 
about the server port in an internal permitted port storage if the server port is opened and the 
network communication program is registered in the list of programs stored in the internal 
permitted program storage; 

wherein the firewall flexible device determines whether a port of a packet of inbound 
traffic matches with the server port and blocks the packet of inbound traffic if the port does 
not match with the server port. 

20. (New) The network security system as set forth in claim 19, wherein the firewall 
flexible device deletes the extracted information about the server port from the internal 
permitted port storage if the server port is determined to be closed. 

21. (New) The network security system as set forth in claim 19, wherein the 
information about the program includes information about at least one of a program name, an 
entire path of the program, and a program hash value. 
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22. (New) The network security system as set forth in claim 19, wherein the 
information about the server port includes information about at least one of an entire path of 
the program, a protocol, and a port. 

23. (New) A network security method controlling inbound traffic by using a firewall, 
the firewall protecting a corresponding network connection of a computer to a network by 
setting restrictions on information communicated between networks, comprising: 

storing in an internal permitted program storage a list of programs permitted by the 
firewall; 

extracting information about a server port, wherein the server port is designated as a 
port of a network communication program; 

determining whether the network communication program is registered in the list of 
programs stored in the internal permitted program storage and whether the server port is 
opened or closed; 

automatically storing the extracted information about the server port in an internal 
permitted port storage if the network communication program is registered in the list of. 
programs stored in the internal permitted program storage and the server port is opened; 

determining whether a port of a packet of inbound traffic matches with the server port; 

and 

blocking the packet of inbound traffic if the port does not match with the server port. 

24. (New) The network security method as set forth in claim 23, wherein the method 
further comprises deleting the information about the server port if the server port is 
determined to be closed. 

25. (New) The network security method as set forth in claim 23, wherein the 
information about the program includes information about at least one of a program name, an 
entire path of the program, and a program hash value. 
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26. (New) The network security method as set forth in claim 23, wherein the 
information of the server port includes information about at least one of an entire path of the 
program, a protocol, and a port. 

27. (New) The firewall as set forth in claim 19, wherein the firewall flexible device 
allows the packet of inbound traffic to bypass the firewall if the port matches with the server 
port. 

28. (New) The method as set forth in claim 23, further comprising: 

allowing the packet of inbound traffic to bypass the firewall if the port matches with 
the server port. 
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